Make sure your server is in a room accessible only to authorized staff, and keep the door locked

Maintain a working fire extinguisher in case of fire?

Are you providing regular security reminders and education to:

Notify your office staff that you are required to monitor their access randomly?

Make sure the entire office understands that passwords should not be shared or easy to guess?

Is it a known office policy that you:

Do not email ePHI unless you know it is encrypted?

The balancing act of maintaining HIPAA security and not inhibiting the business is not child’s play. It’s one thing to think about HIPAA compliance and another to be HIPAA compliant.

6 Reasons why it’s time for a HIPAA Reality Check

Stericycle’s white paper HIPAA Compliance: Six Reality Checks is an easy read that reveals powerful facts, graphs and statistics on HIPAA compliance and what can be done to mitigate the risk of a HIPAA breach or violation. By leveraging low-cost, highly effective best practices and committing the necessary resources to properly safeguard patient confidentiality and the security of ePHI, you can prevent costly breaches and keep the trust of your patients.

In compliance with the American Disabilities Act Amendment (ADAAA), Accessibility for Ontarians with Disabilities Act (AODA) and other state or province accessibility laws and regulations, if you use a screen reader and need help with this website or have feedback or inquiries about accessing material on this website because of a disability, contact Accessibility@stericycle.com.
Our policy is available in accessible formats upon request.

In compliance with the American Disabilities Act Amendment (ADAAA), Accessibility for Ontarians with Disabilities Act (AODA) and other state or province accessibility laws and regulations, if you use a screen reader and need help with this website or have feedback or inquiries about accessing material on this website because of a disability, contact Accessibility@stericycle.com.
Our policy is available in accessible formats upon request.